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Part 1 — General 


| Name of BCNET 


Department/Branch: : —Ss —_ ae = S 
_PIA Drafter: _Hooper Access and Privacy Consulting Ltd. (Roseann Whitton) 


Email: rwhitton@hooperconsulting.ca | Phone: | 250-920-6331 
_bev@hooperconsultina.ca_ | |_ 250-896-4272 
_Program Manager: _|_Dean Crawford/Devon Keys. 


| Email: | dean.crawford@bc.net | 250-721-8477 
. __|_devon.keys@bc.net_ |__| 250-721-7635 


1. Description of the Initiative 


BCNET is taking the lead on the development of this Privacy Impact Assessment (PIA) on the Kaltura 
open source video platform service (Kaltura), on behalf of its members and affiliations. 


BCNET is a federally incorporated not-for profit, services information technology organization that 
represents the interests of its members (including 25 publicly funded post secondary institutions) made up 
of universities, colleges, institutes, and research institutes across British Columbia. It represents all public, 
post-secondary education institutions in the province and provides shared services to its members in the 
areas of networks, procurements, licensing and IT services. 


This unique, collaborative shared services model provides a multitude of benefits to its members from 
reducing and containing costs and increasing spending power, to decreasing duplication and improving 
service quality and productivity. The model cultivates a strong community, where members actively 
engage with peers to share, explore and develop innovative ideas and solutions as they tackle a broad 
spectrum of common and unique research and education technology challenges and topics. BCNET strives 
to add value to its membership by leveraging an advanced network that provides economies of scale to 
maximize efficiencies and drive down collective costs, while at the same time, continuing to facilitate 
collaborative innovative solutions that meet the needs of their stakeholders in support of world-class 
research and education. 


A key component of facilitating innovative information technology (IT) solutions through this advanced 
network is ensuring they are hosted, accessed, managed and protected within a secure environment in 
accordance with Provincial (Freedom of Information and Protection of Privacy Act, FOIPPA) privacy laws, 
regulations and controls. 


The Kaltura video platform service is a digital asset management system used by BCNET members who 
are increasingly relying on video for teaching and learning over the traditional text method. It is used by 
many educational institutions, media companies and enterprises for collaborating through video. Online 
material does not replace face-to-face teaching but rather is used as an additional support that makes 
educational learning more interactive, engaging, and accessible. Kaltura is cost effective and a proven well- 
rounded solution that is stable, highly available and provides flexibility that meet the demands of BCNET 
members. 


The platform also includes Kaltura MediaSpace services. Kaltura MediaSpace offers services that can 
customize the video needs of departments within each institution. They can use MediaSpace to, launch a 
CampusTube, capture and publish lectures, broadcast live events, organize library content, provide 
galleries for student groups and/or reach out to alumni and prospective students. 


Kaltura offers a broad video (Video Platform as a Service - VPaaS), as well as turnkey video based 

SaaS on-premise solutions. With the single video portal, members have the capability to centralize all 
video content in a single, easy-to-manage repository. In addition, its video management and creation tools 
are designed to seamlessly integrate with all major Learning Management Systems (LMS), Video Learning 
Environments (VLE) and leading Content Management Systems (CMS). 


The shared Kaltura service offered by BCNET is a video platform that integrates with an institutions’ LMS and 
is hosted in the UBC EduCloud instance on premises at their UBC data centres. This ensures that it is secure, 
easily accessible and FJPPA compliant. While the BCNET service owner manages the services as required, 
UBC and BCcampus provide staff to support, operate and maintain the service. 


Features & Benefits 


e The centralized video platform can be used for importing, encoding/transcoding, organizing, 
securing, streaming, and disseminating video content to a host of devices used on campus. 

e Analytics can be used for assessment and improvement of video use. 

e The system is fully integrated with all existing Learning Management Systems (LMS) and allows 
users to record, upload, and store videos in their LMS. These videos will be transcoded for easier 
viewing on multiple devices, stored in a central platform, and be available for searching and 
viewing. 


Faculty, staff, researchers, students and central groups can easily create, upload, edit, manage, publish, 
discover and deliver high quality video to any device, live or on demand. Educators can create classroom 
lectures and capture in webcast recordings. Users can make their own videos, upload as single files or in 
batches. Video messages can be added to emails to cut through inbox clutter. All content can be kept in one 
place, making it easier to share across departments while still controlling access. 


2. Scope of this PIA 
This PIA covers the use of the Kaltura video platform hosted in EduCloud and has been developed with a 


focus on the privacy protection and security measures deployed by UBC in the Canadian cloud 
environment. 


3. Related Privacy Impact Assessments 


No other PIA’s have been completed on this initiative however, a comprehensive PIA has been completed 
by BCNET on EduCloud server. This PIA covers the use of EduCloud server, and the operational controls 
and measures deployed by UBC in the Canadian Cloud environment to identify and assess potential 
vulnerabilities to BCNET members. 


4. Elements of Information or Data 


The data elements required to access the Kaltura video platform flow from each individual institutions 
LMS. The LMS credentials are established at the institution level and they authenticate the user. 
Student/Faculty user credentials are passed from the institution LMS into Kaltura. Although there may be 
some slight differences from institution to institution, credentials are typically the User I.D, course, name 
and email. Once a video is recorded and complete it is uploaded to “My Media” in the “Media Gallery”. 
Access to the “Media Gallery” is restricted to instructors and students enrolled in the course. All video 
content can be reviewed and approved by authorized instructors prior to the public publishing of a video. 
Permissions are strictly governed by each institution. 


The MediaSpace service of Kaltura does not integrate with the member institution’s LMS, however it does 
allow for a number of authentication methods (i.e. LDAP, SAML, SSO Gateway) that are based on the 
collection of the same elements of personal information noted above. For MediaSpace, the information is 
passed from the institutions system of record in a similar method to how data is passed from the LMS. 


It should be noted that additional PI may be included in the videos themselves such as video footage of 
individuals, names or inadvertently sensitive information. The inadvertent collection of any personal 
information from the individuals is managed through the BCNET member. BCNET members may provide 
guidelines on the use of the video platform that can reinforce that all video content is not intended to be 
shared or distributed outside of the BCNET member environment. 


Part 2 — Protection of Personal Information 


5. Storage or Access outside Canada 


EduCloud: 


EduCloud Server is currently hosted on secure servers in 2 geographic locations (Vancouver and 
Kamloops) within BC. Kaltura data is primarily stored in Vancouver with a Disaster Recovery copy stored in 
Kamloops. The platform is restricted to authorized users and not by geographic location. All personal 
information stored by members will reside in Canada and will not be stored outside of Canada. 


BCNET members can work with designated staff from BCcampus, a not-for-profit organization, that 
provides various forms of educational support to BC post-secondary institutions, and designated UBC 
support contacts to assist in managing and resolving incidents and issues that are raised and reported. 
BCNET and their members have access to support staff during regular business hours, all of whom are 
located in BC. BCNET members have sole control and responsibility of what information they share with 
technical staff when they contact them at the time as permitted under Section 33.1 of the Act. 


Kaltura: 


Kaltura is a US based company headquartered out of New York however, the video platform is hosted on 
the EduCloud servers therefore all personal information resides within Canada and is not stored outside of 


Canada. 
6. Data-linking Initiative* 


| In FOIPPA, "data linking" and “data-linking initiative” are strictly defined. Answer 
the following questions to determine whether your initiative qualifies as a “data- 
linking initiative” under the Act. If you answer “yes” to all 3 questions, your 
initiative may be a data linking initiative and you must comply with specific 
__requirements under the Act related to data-linking initiatives. 
1. Personal information from one database is linked or combined with N 
3 s (e) 
personal information from another database; 


2. The purpose for the linkage is different from those for which the 


personal information in each database was originally obtained or N/A 
compiled; 
3. The data linking is occurring between either (1) two or more public N/A 


bodies or (2) one or more public bodies and one or more agencies. 


_ If you have answered “yes” to all three questions, please contact 
your privacy office(r) to discuss the requirements of a data-linking 
initiative. 


7. Common or Integrated Program or Activity* 


In FOIPPA, “common or integrated program or activity” is strictly defined. Answer | 
the following questions to determine whether your initiative qualifies as | 
“a common or integrated program or activity” under the Act. If you answer “yes” | 
to all 3 of these questions, you must comply with requirements under the Act for | 
_common or integrated programs and activities. 


1. This initiative involves a program or activity that ade a service for | Vice | 
services); 


= = — = = — | 


2, Those services are -e provided through: 

(a) a public body and at least one other public body or agency 

working collaboratively to provide that service; or No 
(b) one public body working on behalf of one or more other public 

bodies or agencies; _ 7 inal - ; |i 


3. The common or integrated program/activity i is confi rmed by written 
documentation that meets the requirements set out in the FOIPP N/A 
regulation. a 


| Please check this box if this program involves a common or 


integrated program or activity based on your answers to the three 
questions above. 


8. Personal Information Flow Diagram and/or personal Information Flow Table 


Personal information is collected directly from BCNET Collection 26(c) 
member students and faculty by their institution at time of 
the establishment of appropriate access credentials 
(through an LMS or other specific institution 
program/system of record). 
BCNET member students and faculty using Kaltura securely | Use 32(a) 
log into Kaltura using the above noted established 
authorized credentials (passed securely from their LMS or 
system of record into Kaltura). 
32(a) 


The personal information contained in the credentials Use 
authenticate the user and enable the individual to use 

Kaltura to record, complete and upload a video to “My 

Media” in the “Media Gallery”. 


Authorized students can access the “Media Gallery” to view 
videos. 


Authorized instructors can access the “Media Gallery” to 
review, assess, and evaluate videos as well as approve 
videos prior to public publishing. 


9. Risk Mitigation Table 
NOTE: 


It should be noted that primary responsibility for the management and administration of any 
physical and/or technical security risks is born by any BCNET member choosing to use Kaltura 
hosted in EduCloud. These privacy risks are managed through a combination of technical, 
administrative, and physical controls that are designed and in place to mitigate each associated 
risk. 


Unauthorized individuals could Employee Code of conduct and 
access the personal information | Non-disclosure agreements; Use 
in Kaltura platform and use or of Information & Technology 
disclose it for personal purposes Policies, password protected 
(within BCNET institutions and/or | access, user access to system, 
UBC). based on need to know basis, 
permission restrictions, controls, 
and monitoring. 
Authorized individuals could Confidentiality Agreement 
access the personal information | between Kaltura and UBC, 
in the Kaltura platform and use Employee Code of conduct and 
or disclose it for personal Non-disclosure agreements; Use 


purposes (within Kaltura). of Information & Technology 
Policies, password protected 
access, user access to system, 
based on need to know basis, 
permission restrictions, controls, 
and monitoring. 


BCNET member personal Transmission is encrypted with 
information data is compromised | 256-bit AES encryption and over 
during transmission from the a secure line. Encryption keys 
member to EduCloud. managed by BCNET members. 
EduCloud Security Breach. EduCloud breach protocols are. 
in place to reduce risks to 
member data in the event of a 


10. Collection Notice 


The BCNET member is responsible for ensuring the appropriate collection notification is in place prior to 
accessing/using the institutions LMS and subsequently the Kaltura video platform. 


Part 3 — Security of Personal Information 


11. Please describe the physical security measures related to the initiative (if applicable). 


BCNET members: 

Members and their service providers are responsible at all times for ensuring the physical security of all 
data while in their custody and/or control (including all data at rest or in transit) and must meet all 
applicable physical security standards required by their organization. 


UBC/EduCloud: 

The EduCloud service is hosted in two secure data centers protected by access controls. Access is 
continuously monitored both electronically and by cameras. Only authorized personnel have access to the 
secure data centers. 

Kaltura: 

The Kaltura video platform virtual machines all reside in EduCloud on servers within BC. (see above) 

A limited number of pre-approved Kaltura engineers and UBC technical administrators currently have 
access to the Kaltura Administrative Console (KAC), and each BCNET institutions authorized administrators 
have access to their own Kaltura Management Console (KMC). Both are not behind a virtual private 
network, however, both site locations have a security certificate. 


12. Please describe the technical security measures related to the initiative (if applicable). 


BCNET: 

BCNET members and their service providers are responsible at all times for ensuring the technical security 
of all data while in their custody and/or control (including all data at rest or in transit) and must meet all 
applicable technical security standards required by their organization. 


UBC/EduCloud: 
As EduCloud is built on VMware technology UBC follows VMware best practices for securing the platform. 


VMware vCloud Networking and Security vCloud Networking and Security provides networking and 
security capabilities for virtualized compute environments that are built with vCloud Suite technologies. It 
provides a broad range of services delivered through virtual appliances (see Figure 1), such as a virtual 
firewall, virtual private network (VPN), load balancing, network address translation (NAT), DHCP and 
VXLAN-extended networks, while also providing a comprehensive framework to integrate third-party 
solutions. These foundational networking and security capabilities of the vCloud Suite enhance operational 
efficiency, improve agility with control and enable extensibility to partner solutions. Management 
integration with VMware vCenter Server™ and VMware vCloud Director® reduces the cost and complexity 
of data center operations. 


VCloud Networking & Networking Security Features 


FEATURES VCLOUD 
SUITE 
ENTERPISE 


Firewall 
VPN 
VXLAN 


vCloud Ecosystem 
Framework 


NAT 

CHCP 

High availability 
(HA) 

Load balancing 
Data Security 
Endpoint 


More detailed information on VMware vCloud security can be found at: 


https: //www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/whitepaper/products/vcns/vmwa 
re-vcloud-networking-and-security-overview-whitepaper.pdf and/or 


https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmw-10q3-white- 
paper-cloud-director-security.pdf 


Kaltura: 

Kaltura engineers access the VMs via the consultant’s pool on UBC's virtual private network. This access 
also utilizes multi-factor authentication for additional security. By contract, access to the VMs within the 
EduCloud environment is only permitted in response to a request or support ticket. 


Access logs are maintained and reviewed periodically by UBC. Kaltura engineers, when accessing the VMs 
or application, are requested to update the associated support ticket at that time. The Kaltura database 
(both Master and Slave) are currently ‘locked’ and are only accessible by UBC Database administrators. 
Kaltura must request for it to be ‘unlocked’ which is typically only required for upgrading the application 
after which the database is returned to a ‘locked’ state. 


The following text exists in the 2016 agreement between Kaltura and BCNET: 

altura shall only access Customer servers hosting the Kaltura application at the specific request of 
Customer and at a time and date agreed to by both Kaltura and Customer. Kaltura shall provide details of 
its activity so that UBC personnel can monitor the remote access.’ 


13. Does your branch/department rely on any security policies? 


BCNET: 

BCNET members and their service providers are responsible for the deployment, dissemination and 
administration of all of their individual organizational security policies etc. as it relates to the handling and 
management of personal information in their custody and/or control. 


UBC/EduCloud: 

Using the VMWare NSX solution, member can configure security rules for their individual VDC. With NSX, 
members have the ability to lock down application, create a logical DMZ in software, and reduce the attack 
of a virtual desktop environment, NSX Data Center enables micro-segmentation to define and enforce 
network security policies consistently on any workload hosted anywhere. All features are configured and 
administered by the member with support provided by the EduCloud operators as required. 


UBC Policy #104 
https://www.universitycounsel.ubc.ca/files/2013/06/policy104.pdf 


Information Security policy, standards and resources 
https://cio.ubc.ca/information-security/information-security-policy-standards-and-resources 


There is an existing Security and Confidentiality Agreement between UBC and Kaltura - signed by Kaltura 
in 2013. In addition, please see Kaltura’s privacy policy. 
https://corp.kaltura.com/privacy-polic 


14. Please describe any access controls and/or ways in which you will limit or restrict 
unauthorized changes (such as additions or deletions) to personal information. 


BCNET: 
BCNET members and their service providers are responsible for the strict management and administration 
of user access based on a “need to know” basis only including maintenance and enforcement. 


UBC/EduCloud: 

UBC support staff do not access or alter personal information in any way. BCNET members can work with 
UBC support staff to manage and resolve all incidents and issues raised and reported. Members have 
access to technical support staff during regular business hours all of whom are located in BC. BCNET 
members have sole control and responsibility of what information they share with technical staff when 
they contact them at the time as permitted under Section 33.1 of the Act. 


Kaltura: 

As the Kaltura platform is hosted in an “on premises” environment, access to the UBC servers by Kaltura 
engineers for the purposes of upgrades and troubleshooting, must be preapproved, authorized and 
monitored by UBC. Kaltura engineers can only access the Kaltura application and environment in response 
to a support request or during a scheduled maintenance window. Kaltura engineers must update support 
tickets with relevant findings from these investigations. Kaltura engineers and UBC technical 
administrators must use a VPN and multi-factor authentication to access the Kaltura VMs on EduCloud. 


15. Please describe how you track who has access to the personal information. 


BCNET: 

BCNET members and their service providers are responsible for ensuring that access to all personal 
information in their custody and/or control is controlled, monitored, and reviewed/audited on a regular 
basis. 


UBC/EduCloud: 
UBC support staff do not have access to BCNET member personal data unless required under section 33.1 
of the Act. 


Kaltura: 
Access to the UBC on-premise environment is managed by the UBC super administrator access interface. 


Access logs for the Kaltura engineers are maintained and reviewed periodically. Authorized Kaltura 
engineers and UBC technical administrators currently have access to the Kaltura Administrative Console 
(KAC) and KMS Admin interface which are not behind a virtual private network. Both site locations have a 
security certificate. Access to the KAC allows admins to configure and access the Kaltura Management 
Console (KMC) of each institution. The KMC is the admin console for accessing all media from an 
institution, as well as other configuration items. 


The KMS Admin interface, provides access to the configuration of the Kaltura Application Framework (KAF) 
and Kaltura MediaSpace as well as accessing the admin interface of both. 


Part 4 — Accuracy/Correction/Retention of Personal Information 


16. How is an individual’s information updated or corrected? If information is not updated or 
corrected (for physical, procedural or other reasons) please explain how it will be 
annotated? If personal information will be disclosed to others, how will the public body 
notify them of the update, correction or annotation? 


BCNET: 

Personal information revisions and updates are done at the institution LMS level by authorized individuals 
at each institution. Each time a user goes into the Kaltura platform, the system authenticates them with 
the most current information in the LMS. In the case of MediaSpace, the current data used to authenticate 
a user is passed from the institution’s system or record being used. 


UBC/EduCloud: 

From a technical perspective, a UBC super administrator (SA) could access Kaltura and modify a user ID or 
add a user. This would only occur in exceptional circumstances where Kaltura is not using an LMS to 
authenticate the user (using MediaSpace), is highly unlikely, and to date there have been no 
circumstances under which a UBC SA has been required to do so. 


Kaltura: 

From a technical perspective, a Kaltura engineer at the request of a super administrator can access 
Kaltura (MediaSpace services) and could modify data. This would only be under exceptional 
circumstances, is highly unlikely and to date has not occurred. 


17. Does your initiative use personal information to make decisions that directly affect an 
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Yes. 
e Videos can be used to assess and assign academic grades to students; 

e Videos can be used to assess and evaluate a teacher’s effectiveness/performance; 

e Livestream public presentations (through Kaltura) and can be used as part of the recruitment and 


individual(s)? If yes, please explain. 


selection process by a hiring committee to evaluate prospective candidates for positions. 


e Faculty can use media in their ePortfolios as supporting evidence when applying for 


grants/funding. 


18. If you answered “yes” to question 18, please explain the efforts that will be made to 


ensure that the personal information is accurate and complete. 


Responsibility for ensuring all personal information is up to date and accurate lies with BCNET and its 
member institutions. 


19. If you answered “yes” to question 17, do you have records retention and/or disposition 


schedule that will ensure that personal information is kept for at least one year after it is 
used in making a decision directly affecting an individual? 


Responsibility for records retention and/or disposition schedules lies with BCNET and its members. 


Part 5 — Further Information 


20. Does the initiative involve systematic disclosures of personal information? If yes, please 


No 


21. 


No 


22. 


Yes. 


ganna 


explain. 


Does the program involve access to personally identifiable information for research or 
statistical purposes? If yes, please explain. 


Will a personal information bank (PIB) result from this initiative? If yes, list the 
legislatively required descriptors listed in section 69 (6) of FOIPPA. Under this same 
section, this information is required to be published in a public directory. 


Kaltura video platform system. 

Access to the Kaltura platform includes the use of a Users ID, name, course and email address. 
Section 26(c) & (d). 

Obtained, compiled and used for use of the Kaltura video platform. 

Used by teachers, students, and authorized BCNET members in support of the Kaltura platform. 
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Part 6 — Sian Off 


BCNET Program Manager 


Lean ZA 2019-07-25 


Dean Crawford Date 
Director, Shared Systems & 

Technology 
BCNET 


Head of BCNET 


Digitally signed by Bala Kathiresan 

DN: cn=Bala Kathiresan, o=BCNET, 

ou=President/CEO, 

email=bala.kathiresan@bc.net, c=CA 

Date: 2019.07.25 07:53:51 -08'00' J uly 25, 2019 


Bala Kathiresan Date 
President & Chief Executive Officer 
BCNET 


_A final copy of this PIA (with all signatures) must be kept on record. 
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